To reproduce:
- Open Special:RecentChanges.
- Click the rollback link on any edit. The rollback happens and you see the diff.
- Click the logout link. The "you have logged out" page appears.
- Click the link in "Return to [[article]]". An error message is displayed indicating that you don't have permission to roll back (because the URL parameters for the rollback are included in this link, so it tries to do it again).
Environment:
- MediaWiki 1.27.4
- PHP 5.6.30-0+deb8u1 (fpm-fcgi)
- MySQL 5.5.55-0+deb8u1
I don't know if this is a security/stability risk -- there are those stories about browsers trying to "help" by not ending your session for a while just in case -- but it's obviously not intended behavior. If it's not a risk then priority is low, since there's no harm done, only an extra click to get somewhere more practical.
I searched to see if this was a known issue, as always, but if the root cause is somewhere below the browser layer then I might not discern whether that description is a generalization of this. :( It might, for example, come out in the wash when T88044 is resolved. Or it might not.
Hope that makes some sense; thanks.